InfoSec News

After a thorough pummeling by the music industry, peer-to-peer (P2P) file-sharing software vendor LimeWire Inc. will launch a subscription-based music service for consumers.
 
Intel may be close to settling the antitrust lawsuit filed by the U.S. Federal Trade Commission late last year.
 
A number of readers (and myself included) have received an email claiming to be from GoDaddy. The email is grammatically correct, and appears quite genuine. The subject is GoDaddy.com Order Confirmation and interestingly the images within the HTML are pulled from imagesak.godaddy.com, excepting one which came from hxxp://img.securepaynet.net/bbimage.aspx?pl=somecodeandmyemailaddress. The links in the emails I have seen point to hxxp://dextersss-com-ua.1gb.ua/zzx.htm among others. The phishing site and IP address and domain registration are in the Ukraine.
Thanks to Christopher and Dwight!
Cheers,

Adrien de Beaupr

EWA-Canada.com (c) SANS Internet Storm Center. http://isc.sans.org Creative Commons Attribution-Noncommercial 3.0 United States License.
 
The FreeAgent GoFlex Pro is one model in Seagate's refresh of its portable hard drive line (desktop versions are available, too). The new GoFlex system this drive is a part of encompasses drives of varying colors and capacities ($100 for 320GB in silver or black; $130 for 500GB in silver, black, red, or blue; $170 for 750GB in silver or black; and $190 for 1TB in silver or black), connection modules, and accessories.
 
You probably don't give much thought to what appears on the YouTube homepage every time you visit. You should, however, especially if you have a YouTube account. Let's take a look at some of the settings you can--and possibly should--change.
 
The "bring your own PC" concept could become a trend, implemented in more and more companies.
 
Will iOS 4, arriving today, really usher iPhones and iPads into the enterprise? Better security and enterprise management features should benefit heavily regulated industries, although previous iPhone OS upgrades did much of the heavy lifting, say some in the Apple ecosystem.
 
The man who famously asked if IT matters is back with a loaded question: Is the Internet, and especially Google, physically hurting your brain functions such as memory?
 
As many as 30 states could join an investigation into Google's collection of personal information from unprotected wireless networks, Connecticut's attorney general said today.
 
AT&T and Verizon Wireless, the two largest U.S. mobile operators, have joined an organization that ensures roaming among mobile operators' Wi-Fi networks.
 
As expected, Apple opened the download gate for iOS 4 today, and users said the mobile operating system upgrade appeared to download and install with few problems.
 
As the U.S. enters the summer vacation season, the U.S. Federal Communications Commission has launched an educational program to remind mobile-phone customers traveling internationally how to avoid high-cost calls.
 
As expected, Apple opened the download gate for iOS 4 today and users said the mobile operating system upgrade appeared to download and install with few problems.
 
The gargantuan amount of high-quality user data on Facebook is causing everyone -- from marketers to hackers -- to salivate like dogs gazing at a steak. They all want a piece of you.
 
Google Enterprise desktop customers praise the platform and tout its security and privacy features.

Add to digg Add to StumbleUpon Add to del.icio.us Add to Google

Google - Companies - Privacy - Google Enterprise - Cloud computing
 
Global PC sales are expected to grow by almost 20% in 2010, according to research firm IDC.
 
Nearly 110 million people worldwide are expected to use mobile systems to pay bills this year, up 55% from last year, according to Gartner Inc.
 
Apple released the iOS 4 update today just after 1 p.m. ET, 10 a.m. PT.
 
At Intel's annual Research Day this month it will show technologies that read users gestures and respond to thoughts, and a cloud-computing ready "smart car" with accident-prevention smarts.
 
Intel has started offering the fastest dual-core Core i3 laptop processor to PC makers including Dell and Hewlett-Packard.
 
These top-rated IT workplaces combine choice benefits with hot technologies and on-target training. Our 16th annual report highlights the employers firing on all cylinders.
 
Apple will release the iOS 4 update today around 1 p.m. ET, 10 a.m. PT, according to users citing calls to the company's sales and support desks.
 
Wireless has become a part of our official and personal lives. Securing against wireless threats has been and will continue to be an important piece in the overall enterprise security puzzle. However, as if following Darwin's theory of evolution, wireless security myths too are born, evolve and then die to be replaced by new ones.
 
Barnes & Noble today launched a Wi-Fi-only version of the Nook for $149 and cut the price of its original Wi-Fi and 3G version from $259 to $199.
 

Forbes (blog)

Patriotism Or Profit: A Question For Google, Microsoft, AOL And Others
Forbes (blog)
Can you imagine what would happen if a Russian company with an office in Washington DC hired a retired FBI Supervisory Special Agent to run it's InfoSec ...

 
Looking on in despair as a mishmash of e-mails piles up in Outlook? Xiant Filer ($20, 30-day free trial) may be able to help. It silently analyzes the way you file your e-mail, and based on what it finds, it recommends the proper folders for you to put all your incoming messages. Then, with a single click, you can send your e-mail to the most logical folders, and you'll be able to find it more easily in the future. No need to teach Xiant Filer; the program figures out where to file based on your preferences, and learns over time.
 
The software update helps enterprises coordinate the issuing of tokens among multiple data centers, and apply the technology to PII and PHI.

Add to digg Add to StumbleUpon Add to del.icio.us Add to Google

nuBridges - Data center - Business - Payment Card Industry Data Security Standard - Databases
 
These top-rated IT workplaces combine choice benefits with hot technologies and on-target training. Our 16th annual report highlights the employers firing on all cylinders.
 
Apple's iOS 4 update for the iPhone arrives Monday, bringing much-needed changes to the phone's operating system and a more polished experience for users, says columnist Michael DeAgonia.
 
The Justice Department's decision to get involved in a whistleblower case in which Oracle is accused of overcharging customers significantly raises the legal stakes for the company.
 
Which organizations excel in key employment categories?
 
What's the key to job satisfaction for IT employees at Best Places?
 
Large IT vendors are back in the merger business after the recession caused a yearlong lull in acquisition plans, and that's prompting some users to evaluate cloud computing options to avoid what they fear could be a return to an era of vendor lock-in.
 
BP could be doing a better job of protecting its image during the disastrous oil spill if it had a stronger plan for using social networks to communicate with the world during a disaster.
 
Business intelligence projects fared well at the 2010 Computerworld Honors program, which recognizes IT projects that benefit society.
 
Google's inadvertent collection of personal data provides yet another lesson in privacy protection.
 
Outsourcing companies are attracted to the low cost and abundant staff in rural India.
 
Researchers ask whether multitouch devices cause physical stress
 
One of the main promises of NAC is that you can ensure that endpoint security tools are up to date and that non-compliant machines can be identified or blocked. As regulatory compliance has grown in importance, NAC vendors have reacted by building strong feature sets aimed at endpoint security and compliance. In our NAC testing, we had good, and sometimes great, results across the board when it came to endpoint security.
 
Toshiba has spent the last 25 years refining the basic laptop design of flat screen, x86 processor, full-size keyboard and removable storage. Its Portégé R700 will continue that tradition when it goes on sale next quarter, but two other new portable computers Toshiba will release around the same time take the company in new directions.
 
Despite the fact that network access control hasn't yet lived up to its initial promise, NAC is very much alive, as evidenced by the fact that 12 vendors participated in our NAC test, including industry leaders Microsoft, HP, Juniper, McAfee, Symantec and Alcatel-Lucent.
 
Together, the two vendors offer a complete framework and a wide set of hardware options. The result is interoperable parts that network managers can combine to give different types of NAC enforcement in different network topologies.
 
At its core, Avenda's eTIPS is a RADIUS server specifically designed for NAC authentication and access controls. Avenda gives authentication, endpoint security checking, and policy enforcement equal weight, making eTIPS a very well balanced NAC product.
 
With over a decade of experience doing nothing but NAC, Bradford brings an immense amount of corporate knowledge to the NAC marketplace.
 
While Cisco's overall NAC strategy is in flux, a NAC Appliance investment is likely to come with substantial purchase protection — just be sure to keep your SMARTnet contract up to date.
 
ForeScout's CounterACT has a very different take on NAC; the closest competitor is really Trustwave. In CounterACT's framework, the appliance scans network traffic to classify devices as they join the network.
 
Enterasys has done a good job making sure that its NAC product works very well in non-Enterasys networks. Because Enterasys NAC has both in-line and edge-enforcement technologies in a single product line, we think that this is a definite short-list for any 802.1X-based NAC deployment.
 
Trying to describe Juniper's UAC is difficult, because Juniper's NAC strategy has its tendrils in virtually every security product the company makes, from firewalls to switches to SSL VPNs.
 
HP's NAC will be most attractive to existing HP switch customers. One of the advantages of Identity Driven Manager, though, is that it is simple both in concept and in management.
 
InfoSec News: Cyber Crime Centre catches Lower Hutt hacker: http://www.stuff.co.nz/technology/3832728/Cyber-Crime-Centre-catches-Lower-Hutt-hacker
By CLAIRE McENTEE BusinessDay.co.nz 21/06/2010
A former information technology employee of a Lower Hutt sauce and condiment manufacturer has been fined more than $8000 after hacking into [...]
 
InfoSec News: The unreadiness team: http://www.washingtonpost.com/wp-dyn/content/article/2010/06/19/AR2010061902645.html
The Washington Post June 20, 2010
THE REPORT is chilling. Optimistically titled "U.S. Computer Emergency Readiness Team Makes Progress in Securing Cyberspace, but Challenges [...]
 
InfoSec News: Supreme Court rules for employer in text-messaging case: http://articles.chicagotribune.com/2010-06-17/business/sc-biz-0618-texts--20100617_1_text-messaging-work-related-purpose-jeff-quon
By David G. Savage Chicago Tribune Washington Bureau June 17, 2010
WASHINGTON - People who want to send highly personal notes to a romantic [...]
 

Posted by InfoSec News on Jun 20

http://www.stuff.co.nz/technology/3832728/Cyber-Crime-Centre-catches-Lower-Hutt-hacker

By CLAIRE McENTEE
BusinessDay.co.nz
21/06/2010

A former information technology employee of a Lower Hutt sauce and
condiment manufacturer has been fined more than $8000 after hacking into
the firm's network and accessing private emails.

The case is the National Cyber Crime Centre's first prosecution and
conviction.

Geraint Jones, an IT systems engineer,...
 

Posted by InfoSec News on Jun 20

http://www.washingtonpost.com/wp-dyn/content/article/2010/06/19/AR2010061902645.html

The Washington Post
June 20, 2010

THE REPORT is chilling. Optimistically titled "U.S. Computer Emergency
Readiness Team Makes Progress in Securing Cyberspace, but Challenges
Remain," it paints a disturbing picture of a national security disaster
waiting to happen. The U.S. Computer Emergency Readiness Team, or CERT,
established in 2003 to...
 

Posted by InfoSec News on Jun 20

http://articles.chicagotribune.com/2010-06-17/business/sc-biz-0618-texts--20100617_1_text-messaging-work-related-purpose-jeff-quon

By David G. Savage
Chicago Tribune
Washington Bureau
June 17, 2010

WASHINGTON - People who want to send highly personal notes to a romantic
partner were given a word of warning Thursday by the Supreme Court: Do
not use the messaging system supplied by your employer if you want to
keep them private.

In a 9-0...
 
Cloud computing is only one reason that IT in enterprises is in trouble.
 
The typical tools of employee retention -- raises, promotions and perks -- are unlikely to address the anxiety created by the confluence of economic reality and technical culture.
 

Internet Storm Center Infocon Status